Name: The Client-side Blind Side: Supply Chain Risks in Website Code
Start: 2021-03-25T16:00:00Z
End: 2021-03-25T16:42:00.000Z
Location: BrightTALK

PerimeterX protects the modern web and mobile applications, and APIs from automated attacks. We protect against account abuse, carding, scraping, checkout abuse, marketing fraud, PII harvesting, skimming and watering hole attacks.

The publicity surrounding hype sales helps increase demand for limited edition products such as sneakers, gaming consoles and fashion accessories, which earns brands both market share and profit. But it can also bring out bad bots which snatch up products for lucrative resale and cause traffic spikes. This can result in frustrated customers, potential revenue losses and significantly slow down e-commerce sites.

Join PerimeterX and YOTTAA for a 22 minute live webinar to learn how to:
-Prepare your site to deal with both overwhelming bot and legitimate traffic
-Incorporate user-friendly verifications to ensure that humans, not bots, get your limited edition products
-Receive expert tips on how to build a successful hype sales event

This webinar is hosted by PerimeterX in conjunction with YOTTAA. As a result, both PerimeterX and YOTTAA will have access to the information you submit on this form, and both companies will use it to communicate with you on relevant topics. For more information on each company’s privacy practices, please see the PerimeterX Privacy Policy and the YOTTAA Privacy Policy.

Tips for 2022 Hype Sales Success

Cyber criminals are constantly changing their attack methods to stay ahead of your defenses. How do you keep up with the changing threat landscape? What threats are lurking and how do you plan to address them? What security tools are available to combat these threats? 

To address these questions and more, join us for a live session on April 21 at 10am PT | 1pm ET as CEO of CyberEdge Group, Steve Piper and PerimeterX Cyber Security Evangelist, Robert Kusters discuss findings from the 9th annual Cyberthreat Defense Report. Learn about the key insights from this year’s report, including:  

-The top cyberthreats to web and mobile applications
-Ways that security teams are protecting their businesses
-The biggest issues facing security leaders and how to address them

Insights into Today’s Cyberthreat Landscape

PerimeterX has released its second Automated Fraud Benchmark Report, an annual survey that explores the web app traffic and threat patterns experienced by some of the largest and most respected brands in retail e-commerce. Join the live webinar on Wednesday, April 13 at 10am PT | 1pm ET to get the results!

Liel Strauch, Director of Cybersecurity Research at PerimeterX, and Kim DeCarlis, CMO, will share the findings of the Automated Fraud Benchmark Report and explain what this means for the future cyberthreat landscape.

The webinar will cover:
Key takeaways from the Automated Fraud Benchmark Report
Automated attack trends facing e-commerce retailers
Best practices to identify bots and stop automated fraud

Cyberattack Trends from the Automated Fraud Benchmark Report

Hear how the newest features in the PerimeterX Platform are helping disrupt the lifecycle of web attacks while also safeguarding your consumers’ digital experience.

This webinar will cover:
- Getting greater visibility and protection into API requests through our extended support for GraphQL
- Changing the economics of attacks through Scenario-optimized Proof of Work
- Reducing the friction in visual challenges with Human Challenge
- Ensuring your limited release sales are protected with Hype Sale Challenge
- Moving to quick and codeless web and mobile SKDs for PerimeterX Bot Defender

Disrupting the Web Attack Lifecycle

Consumers’ digital engagement has skyrocketed in recent years, which has led to an increase in consumer accounts on web and mobile apps across industries — and with it, a rise in account takeover (ATO) attacks. It seems that as long as Internet users have accounts, cybercriminals will try to hack them. 
 
Join us for a live webinar as Ido Safruti, CTO and Co-Founder of PerimeterX, will share current trends from the forefront of threat research. He will delve deep into different attack types — from digital skimming and Magecart, to credential stuffing and new trends in account fraud — and discuss how they fit within the larger ATO and web attack lifecycle. From his unique position witnessing and blocking ATO attacks against some of the world’s largest brands, Ido will explain the attack techniques that are gaining popularity and the processes that are most effective in stopping them.

Space is limited. Save your seat today! The first 50 attendees will receive a $20 Amazon gift card.

Threat Research Insights: The Account Takeover and Web Attack Lifecycle

As security compliance regulations continue to become more stringent, how does your financial entity assure Payment Card Industry (PCI) and privacy compliance? Visibility into who and what is accessing sensitive customer form fields on your website is critical.
 
Join us for a live webinar on Wednesday, March 2nd at 11am PT | 2pm ET as PerimeterX Vice President of Product Marketing, Brian Uffelman, and Brendan Booth, Compliance Analyst, share their best practices and learn how to orchestrate your code for compliance and security in today's payment landscape. 

This webinar will cover:
The increasing prevalence third-party code
How PCI exposure causes significant damage to the financial sector
How GDPR, CCPA and CPRA impact compliance and security in 2022 and beyond

Complete Compliance and Security in Payments

With the unprecedented ability of organizations to digitally collect, process and sell data across the web, regulators are taking an active role to safeguard personal data.

Join us for a live discussion on Wednesday, February 23 at 10am PT | 1pm ET as Michael Sampson, Senior Analyst, Osterman Research, Inc., and Brian Uffelman, VP and Security Evangelist, PerimeterX, discuss their insights on the new California Privacy Rights Act (CPRA) and how it will impact security in 2022 and beyond. 

They will discuss: 

How the new CPRA expands upon the original California Consumer Privacy Act (CCPA)
Why businesses must ensure that third-party software vendors are compliant with the CPRA
How businesses risk CPRA compliance on corporate websites

Space is limited. Save your seat today! The first 50 attendees will receive a $20 Amazon gift card.

Analyst Hour: How to Comply with the CPRA

Tips for 2022 Hype Sales Success 

The publicity surrounding hype sales helps increase demand for limited edition products such as sneakers, gaming consoles and fashion accessories, which earns brands both market share and profit. But it can also bring out bad bots which snatch up products for lucrative resale and cause traffic spikes. This can result in frustrated customers, potential revenue losses and significantly slow down e-commerce sites.

To get ready for hype sales in 2022, join PerimeterX and YOTTAA for a 22 minute live webinar to learn how to:
-Prepare your site to deal with both overwhelming bot and legitimate traffic
-Incorporate user-friendly verifications to ensure that humans, not bots, get your limited edition products
-Receive expert tips on how to build a successful hype sales event

This webinar is hosted by PerimeterX in conjunction with YOTTAA. As a result, both PerimeterX and YOTTAA will have access to the information you submit on this form, and both companies will use it to communicate with you on relevant topics. For more information on each company’s privacy practices, please see the PerimeterX Privacy Policy and the YOTTAA Privacy Policy.

Your retail business relies on your e-commerce storefront as the primary way for consumers to interact with your brand. Developers are under pressure to address emerging threats, as increased website traffic has created a perfect environment for cybercriminals to launch highly sophisticated attacks against retail targets. 

In this Tech Talk, PerimeterX Senior Solutions Architect, Johnny Tordgeman and Salesforce Commerce Cloud Performance Engineer, Jim Krueger will discuss how to leverage the Salesforce Storefront Reference Architecture (SFRA) to get ahead of automated attacks by setting up a secure digital storefront on day one. Come join the discussion that will include:
- Security tips and techniques for securing your digital storefront 
- Creating a basic bot protection cartridge 
- Integrating with external security services
- Manipulating HTML response to blocked requests

Register now to learn new skills and build your SFCC technical expertise.

Tech Talk Episode 1:  5 Steps to Secure your Web Apps with SFCC

80% of e-commerce operational costs are negatively impacted by malicious bots. That translates to up to 23% of net revenue. Bad bots represent a growing problem for e-commerce merchant profitability because they negatively impact e-commerce KPIs, including add to cart rate, cart abandonment rate and conversion rate.  Join us for a live webinar as Derek Brink, CISSP, Aberdeen Strategy & Research and Kim DeCarlis, CMO, PerimeterX, discuss the findings of the Aberdeen Research report: Quantifying the Impact of Bad Bots on E-commerce Merchant Profitability. They'll help you discover the true cost of automated bot attacks.  The webinar will cover: -How bad bots negatively impact e-commerce revenue -Ways to improve profitability with a modern approach to bot management -Best practices to detect and block attacks during peak traffic

Analyst Hour: Quantifying the Impact of Bad Bots on E-Commerce Profitability

As cybercriminals develop increasingly sophisticated attack techniques, it’s time to rethink your security approach for the coming year.   Join us for a live webinar with PerimeterX CTO and Co-founder, Ido Safruti, and Kim DeCarlis, CMO, to hear their top five predictions for 2022 and learn how to set your digital business up for success.  This webinar will cover: -The increasing prevalence of custom malware -Why user identities are the new number one target of cyberattacks -How automated fraud will impact digital businesses in 2022 and beyond

Top Five Cybersecurity Predictions for 2022

In this third installment of PerimeterX Analyst Hour — a series of talks featuring the latest cybersecurity insights from top industry researchers and analysts. In this session, featuring TAG Cyber CEO, Ed Amoroso and PerimeterX CEO, Omri Iluz, you will hear their perspectives on the new normal for cybersecurity and what security and digital teams need to do to stay ahead.

Join the live session to learn about:

-Trends in automated attacks and how they’ve changed
-Recommendations for building and securing modern web apps
-Insights on the technologies that will help keep your business moving forward

Industry Trends: The New Normal for Cybersecurity

More than 90% of websites use third-party scripts and open source libraries for common functions such as payments, customer reviews, tag management and social media integration. But website owners lack visibility into this Shadow Code - scripts added without approvals or ongoing security validation - to know for certain that their site is safe from cyberattacks, introducing hidden risks into an organization.

Join us for a live session as Michael Osterman, President, Osterman Research Inc and Kim DeCarlis, CMO, PerimeterX discuss the hidden risk of using third-party scripts. Learn how to secure your modern web applications from supply-side attacks to avoid the risk of a data breach, ensure data privacy and comply with regulations.

We will cover:
-Vulnerabilities introduced by third-party scripts in your web applications
-Attack detection methods and challenges
-Visibility into code changes using third-party scripts

Analyst Hour: False Sense of Security — Shadow Code Remains a High Risk

Hype sales are an increasingly popular way to sell limited release items including sneakers, tickets, streetwear, gaming consoles and cosmetics. However, bot operators exploit these events to snatch up products for lucrative resale, often preventing real customers from securing their desired item. The result? Poor user experience marked by excessive captchas, frustrated customers who miss out and potential revenue losses to e-commerce retailers.

Hype Sales Protection, offered by PerimeterX, takes the headache out of managing limited edition product launches and flash sales so that customers keep coming back to your next sales event. 

Join for a live session to:
-Learn how bots are hijacking the world of limited edition launches
-Understand how to optimize your customer experience
-Get guidance on how to build the ideal hype sales event

Not sure if you can make it September 15? Register and we’ll send you a link for on-demand viewing.

Register now. The first 50 attendees will receive a $50 gift card to help with your next purchase of a limited release item from a PerimeterX customer.

Hype Sales Protection: Best Practices for Your Next Limited Time Sales Event

More than 90% of websites use third-party scripts and open source libraries for common functions such as payments, customer reviews, tag management and social media integration. But website owners lack visibility into this Shadow Code - scripts added without approvals or ongoing security validation - to know for certain that their site is safe from cyberattacks, introducing hidden risks into an organization.

Join us for a live session on Tuesday, October 26 at 10am PT | 1pm ET as Michael Osterman, President, Osterman Research Inc and Kim DeCarlis, CMO, PerimeterX discuss the hidden risk of using third-party scripts. Learn how to secure your modern web applications from supply-side attacks to avoid the risk of a data breach, ensure data privacy and comply with regulations.

We will cover:
-Vulnerabilities introduced by third-party scripts in your web applications
-Attack detection methods and challenges
-Visibility into code changes using third-party scripts

In today’s digital world, a company’s website or web app is the way that consumers discover, shop and interact with a brand.  Online traffic to your digital headquarters has reached new heights and so has cybercriminal activity, with sophisticated online fraud schemes and digital skimming attacks hitting the press daily.  So what is the digital business leader to do?

First, educate yourself about the threats that are hidden just under the surface of your websites and web apps.  Then learn about ways to address them.  This webinar will do both, including:  

-Sharing trends in traffic, automated fraud and client side attacks 
-Pointing out signs that your website or web app may have a problem
-Discussing techniques for securing modern web apps
-Learning how top brands have faced cybersecurity challenges head on

Sign up today to learn how best to protect your digital headquarters from automated fraud and client-side threats.

Cybersecurity and the New Normal for Your Digital Business

Software engineers focus on releasing software as fast as possible. To speed up the process, development teams often take advantage of modular code from open-source repositories, third-party vendor scripts or common libraries that are freely available. Unfortunately, this could end up unintentionally introducing malicious JavaScript that may expose the whole environment to security vulnerabilities -- sometimes immediately or at a later time when the code’s origin has been long forgotten. This code from bad actors often  hides  in what many developers assume to be  reputable sources. 

In this Tech Talk, we will discuss:
-How to identify JavaScript that is malicious
-Differences between security scanners and security monitors
-Ways to eliminate the tension between Security Teams, DevSecOps and Developers

You’ll walk away from this session with new ideas that you can put into practice quickly, so invite your team. The first 50 attendees will also receive a $20 gift card to use online with a PerimeterX customer.

Tech Talk Episode 2: Finding Malicious JavaScript that Compromises Your Code

Modern web apps that people rely upon today are different than apps were in the past. They are composed of components that perform specific tasks and microservices architectures that fully leverage the cloud.  Some components and services are written by the web developer, others come from partners and yet others from open source libraries. 

This approach also means that modern web apps are no longer delivered from a single data center or cloud. They consist of a complex ecosystem of services that come together on the end user’s browser or mobile device. It is no longer practical to funnel all these services through a single monolithic policy enforcement point or gateway. Providing visibility and control of modern web applications requires a new way of thinking and new approaches. 

In this Tech Talk, PerimeterX Co-founder and CTO, Ido Safruti and Uriel Maimon, Senior Director of Emerging Technologies will discuss:

- What is a modern web app?
- How is protecting a modern web app different?
- Technologies that provide visibility and control of your modern web app

TechTalk Episode 3: Securing Modern Web Apps

Your software supply chain is the new attack surface. Web applications are especially vulnerable as your code shifts to the client side where your legacy security tools are blind. Join this webinar to learn how attackers are exploiting this client-side blind side to carry out digital skimming, formjacking and Magecart attacks.

This webinar will cover:
-Vulnerabilities introduced by third-party scripts in your web applications
-Attack detection methods and challenges
-Website risk analysis tools to help you identify and mitigate supply chain risks

Register now to save your spot and get a link to the on-demand recording to watch at your leisure.

The Client-side Blind Side: Supply Chain Risks in Website Code

3rd party scripts

DevSecOps

DevOps

formjacking

Web Application Security

Data Protection

IT Security

Website Security

Code Defender

Ecommerce

Get powerful e-commerce insights to grow your online transaction volume. Connect with thought leaders and colleagues to get the most up-to-date knowledge on the e-commerce strategies and techniques that drive growth.

E-commerce

The marketing community on BrightTALK is made up of thousands of engaged marketing professionals. Find relevant webinars and videos on marketing strategy, branding and more presented by recognized thought leaders. Join the conversation by participating in live webinars and round table discussions.

Marketing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

Join thousands of engaged IT professionals in the application management community on BrightTALK. Interact with your peers in relevant webinars and videos on the latest trends and best practices for application lifecycle management, application performance management and application development.

Application Management

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Get powerful emerging technology insights from influential experts. Connect with thought leaders and colleagues to get the most up-to-date knowledge on technologies like 3D printing, pervasive robotics, natural interfaces, connected everything and cognitive systems.

Emerging Technologies

The research and development community on BrightTALK brings together leading professionals in healthcare, technology and manufacturing to present on current topics in their fields. From big data in healthcare to online forensics training and medical research practices, the community is an exceptional resource for those looking to expand their knowledge. Be part of the conversation by joining the community and participating in interactive live webinars.

Research and Development

This community is for institutional investors responsible for managing large-scale funds. Join to learn how top institutional investors are managing their organization’s shares, influencing the market, and what tips they have for successful investment strategies.

Institutional Investors

Get powerful banking and treasury insights for your business. Connect with experts and colleagues to get the most up-to-date knowledge on hot topics such as digital banking, payments disruption and non-bank competition. Learn how the latest treasury management strategies are helping to mitigate operational, financial and reputational risk.

Banking and Treasury

Join this new, vibrant community to learn and connect with top thought leaders, startups and banks who are disrupting the financial services industry. Keep up with the latest news and trends in Fintech and take part in lively debates on topical issues and challenges.

Fintech

The accounting and finance community on BrightTALK features presentations from leading accountants and finance professionals. The accounting community includes tax planning strategies, QuickBooks webinars and other accounting webinars, while the finance community features presentations on financial capital regulations and forensic data analytics. Join the conversation by attending live financial and accounting presentations and connecting with industry thought leaders.

The Client-side Blind Side: Supply Chain Risks in Website Code

Presented by

About this talk

More from this channel